The present invention relates to security in computer systems, and more particularly to the handling of evidence of tampering of a computer system.
Security in computer systems is becoming increasingly important to users today. An important aspect to the security is the ability to detect when someone tampers with a computer system and to alert the administrator to the tampering. xe2x80x9cTamperingxe2x80x9d, as used in this specification, refers to any type of activity which could signify unauthorized access to the computer system. Examples of tampering include the opening of the case without a key and the moving of the computer.
One conventional method of providing an alarm when a computer system has been tampered with is the use of the Privileged Access Password (PAP) method. With this method, when there is evidence of tampering, the entire computer system is disabled. A PAP would then be required to access the computer system. Typically, the disabling under the PAP method seldom occurs, which results in administrators easily forgetting the PAP. Unless the PAP is entered; the disabling of the computer system is permanent. Because of the permanency of the disable feature and the ease in which the PAP could be forgotten, many computer system administrators do not engage the PAP system, which defeats the purpose of having such a system.
Accordingly, what is needed is a system and method for providing an alarm for tampering in a computer system which is easier to use than conventional methods. The method and system should be cost efficient to implement. The present invention addresses such a need.
The present invention is a method and system for providing a tamper alarm for a computer system. The method includes detecting tampering of the computer system, and transmitting electromagnetic field signals from a device concerning the tampering. In the preferred embodiment, the electromagnetic field signals are transmitted through patterns on a monitor or a video card which transmits a computer system identity information. The electromagnetic field signal of the present invention functions as a tamper alarm. When a receiver hears the alarm, the administrator of the computer system may act accordingly. The tamper evidence alarm may be transmitted in a manner which does not require the disabling of the computer system, thus increasing the ease of its use over conventional methods. Because the system is not disabled, a password is not required in order to regain access to the computer system. Also, the present invention may be practiced using existing hardware in the computer system, and thus is cost efficient to implement.